The response to and investigation of cyber attacks

The detect and respond phase of KPMG’s Cyber Security Framework is about the response to and investigation of cyber attacks.

KPMG’s Cyber Response and Investigations teams work closely with clients to detect, contain and recover from cyber attacks; once this has been done, the teams investigate the origin of the attacks. Our digital forensic teams can provide a reliable, end-to-end digital forensic and expert witness services, from investigation strategy and planning, scoping and collection to analysis and presentation of material to court.

What’s on your mind?

Are there malicious insiders in my organization, abusing their position and system access for any illegal purposes?

How do I determine whether I’m subject to sophisticated attacks from criminal gangs, competitors or nation states?

Is it possible to recover from Internet worms or malware that take over workstations and systems?

What should we do if we don’t have the full capability to respond to a cyber attack?

How do I determine and prove the course of events of an attack?

How do I prove the integrity and provenance of electronic data being used in investigative or litigation proceedings?

Our services

KPMG member firms can provide deep technical expertise to help you respond to and investigate sophisticated cyber attacks. Our services include: